CVE-2026-28815
Published 2026-04-03
Priority: P3 (38) · Severity: high · CVSS 3.1 base score: 7.5
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.47% (37.3th percentile)
A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation path, potentially causing a crash or memory disclosure depending on runtime protections. This issue is fixed in swift-crypto version 4.3.1.
Affected (3 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos | >= 4.0.0 < 4.3.1 | 4.3.1 |
| apple | swift-crypto | >= 4.0.0 < 4.3.1 | 4.3.1 |
| apple | swift-crypto | >= 4.0.0 < 4.3.1 | 4.3.1 |
OSV
Swift Crypto: X-Wing HPKE Decapsulation Accepts Malformed Ciphertext Length
osv · 2026-04-03 · CVE-2026-28815 [HIGH]
### Summary
The X-Wing decapsulation path accepts attacker-controlled encapsulated ciphertext bytes without enforcing the required fixed ciphertext length. The decapsulation call is forwarded into a C API, which expects a compile-time fixed-size ciphertext buffer of 1120 bytes. This creates an FFI memory-safety boundary issue when a shorter `Data` value is passed in, because the C code may read beyond the Swift buffer.
The issue is reachable through initialization of an `HPKE.Recipient`, which decapsulates the provided `encapsulatedKey` during construction. A malformed `encapsulatedKey` can therefore trigger undefined behavior instead of a safe length-validation error.
### Details
The `decapsulate` function of
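An added illustration of the boundary the Summary describes (this is not swift-crypto's code and is not taken from the advisory): a C wrapper that rejects any encapsulated key that is not exactly 1120 bytes before a fixed-size routine touches the buffer. The function names, error codes and the inner `xwing_decaps_raw()` are hypothetical; the split of the 1120 bytes into a 1088-byte ML-KEM-768 ciphertext and a 32-byte X25519 public key follows the X-Wing specification rather than anything stated on this page.

```c
/* Added example, not swift-crypto's code: enforce the fixed X-Wing ciphertext
 * length at the Swift->C boundary. Names and error codes are hypothetical. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define XWING_CT_LEN    1120u   /* fixed encapsulated-key size from the advisory */
#define MLKEM768_CT_LEN 1088u   /* X-Wing spec: ML-KEM-768 ciphertext comes first */
#define X25519_PK_LEN     32u   /* ...followed by the X25519 ephemeral public key */

enum xwing_status { XWING_OK = 0, XWING_ERR_CT_LEN = 1 };

/* Stands in for the C API that "expects a compile-time fixed-size ciphertext
 * buffer": it reads ct[0 .. 1119] unconditionally, so a caller passing fewer
 * bytes gets an out-of-bounds read. Here it only performs the first
 * decapsulation step, splitting the two components. */
static void xwing_decaps_raw(const uint8_t ct[XWING_CT_LEN],
                             uint8_t mlkem_ct[MLKEM768_CT_LEN],
                             uint8_t x25519_pk[X25519_PK_LEN]) {
    memcpy(mlkem_ct, ct, MLKEM768_CT_LEN);
    memcpy(x25519_pk, ct + MLKEM768_CT_LEN, X25519_PK_LEN);
}

/* Hardened entry point: the length check the advisory describes as missing.
 * Any length other than exactly 1120 bytes is rejected with a safe error
 * before the fixed-size path is reached. */
int xwing_decaps_checked(const uint8_t *ct, size_t ct_len,
                         uint8_t mlkem_ct[MLKEM768_CT_LEN],
                         uint8_t x25519_pk[X25519_PK_LEN]) {
    if (ct == NULL || ct_len != XWING_CT_LEN)
        return XWING_ERR_CT_LEN;
    xwing_decaps_raw(ct, mlkem_ct, x25519_pk);
    return XWING_OK;
}

/* Demo on constructed input (ct[i] = i mod 256, not a real ciphertext).
 * Returns 1 when a full-length buffer is split correctly and a short
 * "Data" (1119 bytes) is refused rather than over-read. */
int xwing_demo(void) {
    uint8_t ct[XWING_CT_LEN], m[MLKEM768_CT_LEN], x[X25519_PK_LEN];
    size_t i;
    for (i = 0; i < XWING_CT_LEN; i++) ct[i] = (uint8_t)i;
    if (xwing_decaps_checked(ct, XWING_CT_LEN, m, x) != XWING_OK) return 0;
    if (m[0] != 0 || x[0] != (uint8_t)MLKEM768_CT_LEN ||
        x[X25519_PK_LEN - 1] != (uint8_t)(XWING_CT_LEN - 1)) return 0;
    if (xwing_decaps_checked(ct, XWING_CT_LEN - 1, m, x) != XWING_ERR_CT_LEN) return 0;
    return 1;
}
```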
GHSA
Swift Crypto: X-Wing HPKE Decapsulation Accepts Malformed Ciphertext Length
ghsa · 2026-04-03 · CVE-2026-28815 [HIGH] · CWE-787
No detection rules found.
No public exploits indexed.
Wiz
CVE-2026-28815 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz · CVSS 7.8 · [HIGH]
## CVE-2026-28815: Swift vulnerability analysis and mitigation
A remote attacker can supply a short X-Wing HPKE encapsulated key and trigger an out-of-bounds read in the C decapsulation path, potentially causing a crash or memory disclosure depending on runtime protections. This issue is fixed in swift-crypto version 4.3.1.
Source: NVD
Score: 7.5 (CNA score 7.5) · Severity: HIGH · Published: April 3, 2026
Affected technologies: Swift
Has public exploit: No · Has CISA KEV exploit: No · CISA KEV release date: N/A · CISA KEV due date: N/A
Exploitation probability percentile (EPSS): 10 · Exploitation probability (EPSS): N/A
Affected packages and libraries: swift-crypto
Sources: NVD
Swift · Severity: HIGH · Has fix · Added at: Apr 05, 2026
Wiz
CVE-2026-28499 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz · CVSS 7.8 · [HIGH]
## CVE-2026-28499: Swift vulnerability analysis and mitigation
Source: NVD
Score: 6.9 (CNA score 6.9) · Severity: MEDIUM · Published: March 18, 2026
Affected technologies: Swift
Has public exploit: Yes · Has CISA KEV exploit: No · CISA KEV release date: N/A · CISA KEV due date: N/A
Exploitation probability percentile (EPSS): 1.1 · Exploitation probability (EPSS): N/A
Affected packages and libraries: leaf-kit
Sources: NVD
Swift · Severity: MEDIUM · Has fix · Added at: Mar 17, 2026
Wiz
GHSA-88q6-jcjg-hvmw Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz
## GHSA-88q6-jcjg-hvmw: Swift vulnerability analysis and mitigation
## Details
The vulnerability exists in Sources/JSONWebSignature/JWS+Verify.swift at lines 34-37:

```swift
public func verify(key: Key?) throws -> Bool {
    guard SigningAlgorithm.none != protectedHeader.algorithm else {
        return true // <-- Vulnerability: returns true without verification
    }
    // ... remainder of verify() not included in the advisory excerpt
}
```
When the JWT header contains `"alg": "none"`, the `verify()` method returns `true` immediately without:
- checking whether the signature is empty or present,
- validating the token against any key, or
- requiring explicit opt-in from the caller.

The `SigningAlgorithm` enum in Sources/JSONWebAlgorithms/Signatures/SigningAlgorithm.swift:72 explicitly includes `case none = "none"` as a valid algorithm. All verification methods are affected:
JWS.verif
Wiz
GHSA-pc9j-5v36-2mww Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz
## GHSA-pc9j-5v36-2mww: Swift vulnerability analysis and mitigation
CVSSv3.1 Rating: 3.7 (LOW)
## Summary
This notification is related to the use of specific values for the region input field when calling AWS services. An actor with access to the environment in which the SDK is used could set the region input field to an invalid value.
A defense-in-depth enhancement has been implemented in the AWS SDK for Swift. This enhancement validates that a region used to construct an endpoint URL is a valid host label. The change was released on November 6, 2025. This advisory is informational to help customers understand their responsibilities regarding configuration security.
## Impact
Customer applications could be configured to improperly route AWS API calls to non-existent or non-AWS hosts. While t
Wiz
CVE-2026-30867 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz · CVSS 7.8 · [HIGH]
## CVE-2026-30867: Swift vulnerability analysis and mitigation
CocoaMQTT is a MQTT 5.0 client library for iOS and macOS written in Swift. Prior to version 2.2.2, a vulnerability exists in the packet parsing logic of CocoaMQTT that allows an attacker (or a compromised/malicious MQTT broker) to remotely crash the host iOS/macOS/tvOS application. If an attacker publishes the 4-byte malformed payload to a shared topic with the RETAIN flag set to true, the MQTT broker will persist the payload. Any time a vulnerable client connects and subscribes to that topic, the broker will automatically push the malformed packet. The app will instantly crash in the background before the user can even interact with it. This effectively "bricks" the mobile application (a persistent DoS) until the retained m
Wiz
CVE-2026-20613 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz · CVSS 7.8 · [HIGH]
## CVE-2026-20613: Swift vulnerability analysis and mitigation
The ArchiveReader.extractContents() function used by cctl image load and container image load performs no pathname validation before extracting an archive member. This means that a carelessly or maliciously constructed archive can extract a file into any user-writable location on the system using relative pathnames. This issue is addressed in container 0.8.0 and containerization 0.21.0.
Source: NVD
Score: 7.8 (CNA score 7.8) · Severity: HIGH · Published: January 23, 2026
Affected technologies: Swift, NixOS
Has public exploit: Yes · Has CISA KEV exploit: No · CISA KEV release date: N/A · CISA KEV due date: N/A
Exploitation probability percentile (EPSS): 1 · Exploitation probability (EPSS): N/A
Affected packages and libraries:
gi
Wiz
CVE-2026-23886 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz · CVSS 7.8 · [HIGH]
## CVE-2026-23886: Swift vulnerability analysis and mitigation
TracingMiddleware
Source: NVD
Score: 5.3 (CNA score 5.3) · Severity: MEDIUM · Published: January 19, 2026
Affected technologies: Swift
Has public exploit: No · Has CISA KEV exploit: No · CISA KEV release date: N/A · CISA KEV due date: N/A
Exploitation probability percentile (EPSS): 35.3 · Exploitation probability (EPSS): 0.1
Affected packages and libraries: github.com/swift-otel/swift-otel, github.com/swift-otel/swift-w3c-trace-context
Sources: NVD
Swift · Severity: MEDIUM · Has fix · Added at: Jan 21, 2026
Wiz
CVE-2026-27120 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz · CVSS 7.8 · [HIGH]
## CVE-2026-27120: Swift vulnerability analysis and mitigation
Leafkit is a templating language with Swift-inspired syntax. Prior to 1.4.1, htmlEscaped in leaf-kit will only escape html special characters if the extended grapheme clusters match, which allows bypassing escaping by using an extended grapheme cluster containing both the special html character and some additional characters. In the case of html attributes, this can lead to XSS if there is a leaf variable in the attribute that is user controlled. This vulnerability is fixed in 1.4.1.
Source: NVD
Score: 6.1 (CNA score 6.1) · Severity: MEDIUM · Published: February 20, 2026
Affected technologies: Swift
Has public exploit: Yes · Has CISA KEV exploit: No · CISA KEV release date: N/A · CISA KEV due date: N/A
Exploitation Probabilit